Lighting a match in the dark web

Category Archives: Anonymity

“THANK YOU Bob Saget. Just because red rooms don’t fit under your perfect “criteria”, that doesn’t mean they don’t exist. I personally know somebody who has been a part of a red room, but he wasn’t the murderer. He was the victim.”

She was replying to an earlier comment by someone who went by the name of Bob Saget (yes, that was his name), who gave me a hard time for trying to disprove the existence of red rooms, and cited Peter Scully’s videos as an example – in other words, this guy:

So here are my thoughts: what I’ve said so far about red rooms has been based partially on my personal experience, and also what I’ve researched about them. While I have not seen such a thing (or at least not one that I believe to be genuine), here is how I would define a red room:

A website (presumably on the dark web or a private network) where you can pay to witness torture and murder.

While I realize that some very sick things exist on Tor and other darknets (most notoriously child pornography), streaming video over Tor would be incredibly difficult, at least the way it works at present. If you don’t understand how onion routing works, this link explains it quite well: What Is Onion Routing, Exactly?

It is possible to watch video on Tor (and I have, in fact). As I mentioned on my recent post PsychoTube: The YouTube of Tor?, there are a few sites on which you can watch uploaded videos, but they certainly aren’t live. It’s very similar to LiveLeak, in that it features videos of murders, executions, and war. By the way, another dark web blog that I like, All Things Vice, has addressed this subject as well: You wanted darker web?

That being said, how does this square with the above comment? Well, my heart goes out to anyone who’s a victim of torture or murder; nonetheless, as far as that having something to do with red rooms, the burden of proof is on the claimant. One site on the clearnet, Red Room Deep Web Complete Guide, goes into detail about what allegedly happens in a red room, and how to see one (in theory).

Without reviewing all the things this site says about it, I think a number of them are wrong – and it looks like they’re using a scam site as their example. But you could, of course, create your own red room.

I’m sure many of the members of the previous social network are happy about this, although I was a little hesitant to join at first, given that there are so many clone sites (like the one above) out there.

So, I just joined about a week ago, and by all accounts, this site seems to be legit. No, really, it is!

I recognize quite a few of the same folks who were on Galaxy2, which is a good indicator that it is the real thing.

Anyhow, Galaxy3 is quite similar: like its predecessors, it has a feature called “The Wire,” which is basically a news feed (like on Facebook or Twitter). And yes, anything you post to The Wire is public, so for newcomers – don’t post it if you don’t want others to see it!

What surprises me about it is that many of the Wire posts are the same types of things that people would say on Facebook, Tumblr, or other clearnet social media sites. I think I’ve addressed this on my earlier “dark web social network” posts.

It could be something as simple as, “Hey, what’s going on everybody?” Or I have noticed some people who appear to be trying to promote businesses and such. But as I said, the dark web has increased my level of paranoia tenfold; I tend to view anyone who is selling something with a degree of skepticism.

One other thing that I notice frequently is that people don’t shy away from posting about controversial topics here (and that goes for the dark web as a whole, not just Tor). Many of the social networks I’ve been a part of on Tor (and elsewhere) have included such things as gore, self-harm, drug use, and…um…unusual fetishes. Not that you can’t find that on the clearnet:

If only they knew that my fetish was to collect Precious Moments dolls and dress them in leather outfits…

In all seriousness, vaguely remember someone asking who was into scat play, for example – which I’m sure you could find on the clearnet as well, if that’s what you’re into, but again, the keyword is “anonymity.”

Like your popular social media sites on the clearnet (Twitter, Tumblr, etc.), Galaxy3 also has a blog feature, which works quite similarly. All you do is click on the “Blogs” tab, and you’ll see a feed with the latest blog posts. From there, you can also add your own (well, yah, I could’ve told you that).

But again, what’s the difference between these blogs and the ones that you would find on the clearnet? Well, I noticed a lot of paranoid conspiracy theory stuff on there, plus there was some guy asking about the aforementioned kinky sex acts. See? The dark web’s not all “bad” – it has kinky sex!!

Come to the dark web – we are kinky.

All in all, if you’re already interested in the dark web and have not checked out any of these social networks yet, Galaxy3 is one that I recommend. The people are pretty cool, and there aren’t any convoluted instructions for becoming a member.

Can you access .onion sites without the Tor Browser? Short answer? Yes, you can – but I don’t recommend it…I cannot stress this enough.

I’ve mentioned Tor2web proxies in a few previous posts, but didn’t elaborate on it much.

In their own words, “Tor2web is a project to let Internet users access Tor Onion Services without using Tor Browser.” Tor2web and Web2Tor are reverse proxies which allow clearnet users (such as someone using Chrome, Firefox, etc.) to access Tor hidden services.

The proxy listens on port 80 (or sometimes 443) on a clearnet server, and then proxies requests to the Tor hidden service.

Well, no – not great. In spite of its convenience, the problem with using these proxies is that whomever is operating the Tor2web proxy can spy on your web traffic. While this may not sound like a bad thing, if said proxy operator has malicious intent, then you (the user) are basically a sitting duck. Plus, if the point of Tor is being anonymous, and someone can detect your web traffic that defeats the whole purpose!

In fact, even onion.cab themselves – the proxy service, that is – warns users when they first try to access a site this way:

If this doesn’t sound bad, then it should be noted that not only can the operator see your web traffic, but they can also modify it and inject code if they so desire.

If you visit https://6zdgh5a5e6zpchdz.onion, but do so through onion.cab instead of through Tor, the proxy service injects piwik analytics code into the page, which looks something like this:

So why should you care? Well, the proxy service who injected the code now knows that your IP address accessed said onion service at a specific time. In addition, they’re also executing code on your browser that the operator of the original site is unaware of.

Within the code, some of the information that it can discover about you is:

The title of the page you’re viewing

An ID for the site

The time that you made the request

The exact URL you were looking at

The page that sent you to that URL

Details of which plugins you have installed

Whether cookies are enabled

Your screen resolution

A unique ID for you

Alternately, this third party operator can inject code into the site that may track you across hidden services – that is, if you’re using the onion.cab proxy.

Thus, if your concern is privacy, it should be obvious why you don’t want to give this information away. The same goes for any proxy, really, but again, if you’re using Tor for anonymity, then accessing so-called “hidden services” via the clearnet is pointless.

I know that a lot of people who explore the “dark web” for fun just say, “Give me links!” But if you want to explore those links, do so in the right way – use the Tor Browser (from https://www.torproject.org/), and don’t try to do so via the clearnet.

I forget exactly where I found this link – I think it was either Electronic Frontier Foundation or Privacy Tools – but it’s a list of supposedly anonymous proxy servers, generated by a set of particular search engine terms:

+”:8080″ +”:3128″ +”:80″ filetype:txt

This returns results for lists of proxy servers that use ports 8080, 3128, and 80, which are apparently more anonymous than average proxies.

You’ll get different results if you use different search engines, too:

Even so, as I mentioned in a few earlier posts, this all depends on whether you trust proxies at all. Which is why I haven’t used any of these, personally.

It’s similar to using a VPN in combination with Tor. Are you really anonymous when doing this? That depends on whether or not you trust your VPN provider! By the same token, it’s very risky to use certain proxies, unless you know what data the proxy server is collecting about you. Never mind the fact that .txt documents can contain malware (just as some PDFs on Tor do). Read Should You Trust Any Proxy? to find out a little more.

Regardless, it’s an interesting experiment to try Googling this, even if you don’t decide to use the proxy services themselves. Most of the sites look like this:

While the idea of “anonymous proxy server” sounds great, in theory, they could be just like malicious Tor exit nodes – intending to steal data or worse.

Given that privacy and anonymity are such a hot topic these days, there are many projects that various people and organizations are developing for just that reason. Several of these I’ve already mentioned multiple times, including Tor, I2P, Freenet, and ZeroNet.

Nonetheless, I find the defunct ones to be just as interesting, partly because some of them used different methods for disguising one’s identity. A few that I’ve had a chance to check out are:

Osiris is a program used to create web portals that are distributed via P2P networking, and are not reliant on central servers (hence the name “serverless portal system”). Data on Osiris portals are shared between all participants. According to the Wikipedia article on Osiris, these are some of its key features:

The system is anonymous. It is not possible to make an association between a user and their IP address, hence one cannot trace the person who created a content.

Even with physical access to an Osiris installation it is impossible to trace the actual user without knowing his password.

2048-bit digital keys guarantee the authenticity of content (digitally signed in order to prevent counterfeiting) and the confidentiality of private messages (encrypted between the sender and recipient).

To prevent the ISP from intercepting traffic, connections and data transfer to a portal (called alignment), Osiris uses random ports which are cloaked during handshake and encrypted point-to-point via 256-bit AES.

The P2P distribution allows content to be present in multiple copies as a guarantee of survival in case of hardware failure or nodes off-line.

As the portals are saved locally, one can read the contents even if one works off-line.

In some ways, Osiris is also like Freenet, in that it uses P2P distribution of content, has a reputations system, and uses cryptographic keys as identifiers.

Now, for those of you looking for creepy and disturbing stuff, I’ve never found any of that on Osiris. That wasn’t really my intention when I started using it. I was exploring other anonymity networks and software that I had yet to use.

The problem with Osiris is that it seems as though it’s no longer being developed, as I mentioned. Still, for the curious who just want to check it out, click the link above.

anoNet was a Wide Area Network (WAN) created in 2005. Its creators were a few people who were tired of the surveillance and constant data collection that still takes place on the clearnet today.

As on Freenet or ZeroNet, they wanted it to have functions like social networking, messaging, email, and website publishing, but the ability to do all of these anonymously. The network used OpenVPN, tinc, Quagga, BIRD, and QuickTun. OpenVPN and QuickTun were used to quickly connect nodes to one another, while BIRD and Quagga were used to exchange routing information with others on the network, allowing all peers to connect to each other easily.

What I’m not entirely sure of is if you can still connect to the network at all, since various sources have listed it as defunct. It may be similar to Osiris, in that it isn’t actively being developed, but the software is still available.

Umbra, like Osiris, isn’t really defunct, but it isn’t being actively developed. It was a division of The Shadow Project, the creators of the ShadowCash cryptocurrency.

It could be used for anonymous chat, messaging, email, and hosting websites (much like Freenet or ZeroNet). I haven’t had the chance to use it yet myself, but I would enjoy just playing around with it, if for no other reason than learning…and fun!

StealthNet was an anonymous P2P filesharing network, based on an earlier model, called RShare. Like many other P2P networks, traffic was routed through other nodes in the network, helping to keep users anonymous.

For better or worse, this project, too, has been discontinued. If you’re just curious about it, however, it looks as though you can download the software. It’s unlikely that there will be many (if any) peers to connect to, which kind of defeats the purpose of a P2P network!

Anyhow…

Despite the fact that these networks have been discontinued, I expect that others like them are being developed right now, or will be in the future.

As I always say, if you’re a budding developer, why don’t you create one? It could eventually be something big!

I’ve mentioned ZeroNet in a few previous posts, but haven’t gone into much detail about it. I think it has the potential to be a great network, if more people start using it.

It’s a bit different from Tor, in that you don’t have to have a separate browser to access it (although you do need the software). ZeroNet is a decentralized network that uses bitcoin cryptography and the BitTorrent network to create a “separate internet,” if you will.

ZeroNet also uses the Tor network to help users achieve anonymity, though the two are in fact different networks. (Wait…huh?) Yes, in addition to using the BitTorrent network, ZeroNet also has the ability to route traffic through Tor – although you can turn this feature on and off.

According to the documentation, at present, ZeroNet offers these features:

Real-time updated sites

Namecoin .bit domain support

Multi-user sites

Passwordless – Bitcoin’s BIP32-based authorization

Built-in SQL server

As with PGP, on ZeroNet you have a public and a private key, which is a feature of asymmetric cryptography. Essentially, it’s the same type of cryptography that’s used to protect your bitcoin wallet.

I know how many people are curious about pseudo-top level domain names. As it says above, ZeroNet sites use the .bit domain, and there are quite a few out there. (But sorry, no .clos, .loky, .lll, or .rdos sites.) Aw, crap!

If you’d like to see a ZeroNet site, here’s one:

And here’s another:

Like the sites on Tor, I2P, and other networks, they don’t look all that fascinating. Many contain a lot of technical and coding information. It doesn’t surprise me, actually; I wasn’t expecting to find anything dark and secret on ZeroNet that I couldn’t find elsewhere.

Anyhow, this is going to be a short post, as I still have to explore ZeroNet quite a bit more. I just wanted to give you a little taste! I encourage other people to join it, because some of the forums and things seem a bit empty!

I’m well aware that not all “dark web” users prefer the Tor network (which I’ve mentioned in a few previous posts).

As I wrote about in How to Access the Dark Web with I2P!, I2P is one of the three most popular anonymity networks at the moment, next to Tor and Freenet. Out of those three, however, it’s arguably the most complicated to use.

If you’re already familiar with using Tor on Android, then you may know the browser Orfox; download that first, from Google Play – Orfox.

As with the standard version of I2P, you need to configure your proxy settings to be able to connect to it on your mobile device.

Depending on which device you have, these may be in a different area, but this tutorial explains it quite well. (With the exception that the Orweb browser is outdated.)

To sum up – you’ll need to configure your proxy settings to 127.0.0.1 (localhost), port 4444 (HTTP). After this is finished, open the I2P app again and hold down the button that says “Long press to start I2P.”

Once you’ve started I2P, the app has to find peers on the network. This should only take a few minutes at most (depending on your connection, of course).

Finally, go to the “addresses” tab. There should be some default I2P sites (eepsites) listed there. You can add others if you wish. Actually, on my device, there was only one eepsite listed by default.

If you tap on the name of one of the eepsites, it may ask you which app you want to use to open it. Obviously, the tried and true Firefox is good. You can also use Orfox, as I mentioned.

Also, if you tap the “tunnels” tab, you’ll see which client tunnels and/or server tunnels are running. By default, some of the ones that run are the I2P HTTP/HTTPS Proxy, Irc2p, and smtp.postman.i2p (simple mail transfer protocol):

You can, of course, customize it by adding your own client tunnels or server tunnels using the red “plus” button in the lower righthand corner (maybe that could be a subject for a future blog post…yesssss….).

Interestingly, the tutorial I referenced above recommends Lightning Web Browser, because it’s open-source and built for privacy, speed, and efficiency. It can also send traffic through Tor or I2P, and can be set to use DuckDuckGo or StartPage as its standard search engines. So give that one a try. If you’re curious about the source code, it’s here: GitHub: Lightning Browser.

Now, as for some other eepsites you can try out, here are some suggestions (but I haven’t vetted all of these, so some may not work):

I hope that’s enough to get you started. Anyhow, have fun. I2P may not seem as “creepy” as Tor, but I would like to get a few more people to try it out, and maybe build more of a community on the network.